Related Posts

To examine a multitude of health privacy questions, we held the 4th iteration of our “Always On” series, this time bringing together leading experts in government, academia, advocacy, and industry to explore the regulatory and social challenges we face as digital patients. Michelle details the conversations that were held, the questions that were posed, and the solutions that were considered, plus more.

Much of the discussion at the recent India-U.S. Information and Communications Technologies Working Group focused on the Indian government’s “Digital India” initiative to promote universal connectivity, with the goal of providing every citizen with broadband connection by December 2016. As part of a “cradle-to-grave digital identity” for its citizens, the government plans to draw on the Aadhaar program, a controversial unique identification system that has led the Indian government to create the world’s largest biometric database. Lisa discusses its privacy concerns and more.

The FTC’s case seemed straightforward enough: it’s not a good idea to install file-sharing software on computers that hold unencrypted medical records. That’s what LabMD, a Georgia-based medical testing facility, was accused of doing in a 2013 FTC complaint. Most companies typically settle with the Federal Trade Commission to avoid the costs of protracted litigation (and because they typically don’t have to pay any fines given the FTC’s lack of penalty authority). However, LabMD thought they were being unfairly picked on — they argue the FTC should be suing the file-sharing software maker, LimeWire, instead — so they made the FTC take them to court.

Telehealth – using telecommunication technologies to prevent illness and promote health – has incredible potential benefits. Telehealth can help reach underserved or remote populations, and it can also help reduce costs in general, while providing more real-time interaction between medical providers and patients. The benefits – and effectiveness – are becoming increasingly clear, however the full potential of telehealth cannot be realized unless privacy and security risks are addressed upfront.

Earlier this month, Covered California – the state’s affordable health care insurance marketplace – launched an initiative to boost enrollment by inviting individuals who had started an application on the website, but did not finish it, to complete their application. However, the manner in which Covered California is doing this – through sharing the names, addresses and emails of potential applicants with insurance agents and brokers, and having the agents invite the applicant to return to complete their application – has alarmed insurance agents as well as the potential applicants.

The bumpy rollout of healthcare.gov has been front-page news for the past several weeks, but the topic of health reform extends well beyond current efforts to get everyone insured. Efforts to transform health care so that it delivers greater value for patients at more rational costs are proceeding apace. For example, Walgreens is piloting a new model of care – called Well Experience – where the pharmacist’s work area is relocated from behind the counter out into public areas of the pharmacy. This enables the pharmacist to interact more regularly with members of the public – to answer questions and provide advice to patients.

What’s happening in California with respect to health privacy? In short, a lot! In a new report released by the California Healthcare Foundation and authored by CDT’s health privacy team, California’s dynamic health privacy landscape is analyzed, with areas for future policy explored. “Rights and Requirements: A Guide to Privacy and Security of Health Information in California” is an invaluable resource for health care professionals in California and elsewhere as they address the privacy and security challenges of patient information.

After three years of preparation, today is “Implementation Day” for a signature piece of the Affordable Care Act – the day that health insurance exchanges or “Marketplaces” will be open for individuals seeking coverage. There has been a lot of attention from Congress – and the American public – regarding the integrity and readiness of these insurance marketplaces, especially in terms of privacy. The good news though is that not only has privacy been a core consideration in the design of the Marketplaces, but also that health care privacy reform has made significant progress over the past four years.

With less than two months to go before enrollment is set to begin in the Affordable Care Act’s Health Insurance Marketplaces, a report last week from the HHS Office of the Inspector General found that Centers for Medicare & Medicaid Services (CMS) have moved their internal deadlines for security testing of the Data Hub to mid-September with a final agency sign-off due on September 30th, the day before open enrollment begins. Getting security right is vital and CMS has crunched its margin for error by moving the deadline to the last minute. The attention being paid to security and privacy at this stage is a good thing – the American public deserves to be reassured that the personal data they enter into the new system, or that is shared by federal agencies, is used appropriately and does not fall into the wrong hands.

The term “cloud computing” popped up about five years ago to describe a relatively simple concept: the ability to consolidate and outsource computing resources to (often) external entities in order to take advantage of economies of scale, resulting in cheaper, more flexible, and more secure computing. Cloud computing enables many computing resources to be used much like a utility. Today, cloud computing is an integral part of the high-tech landscape, from consumer-grade services like cloud email (e.g., Gmail), document storage (e.g., DropBox), and collaborative editing (e.g., Google Docs) to specialized enterprise services such as customer relationship management software (e.g., Salesforce.com) to full servers (e.g., Rackspace).